Posted
by
timothy
on Sunday January 16, 2011 @05:06PM
from the 1600-pennsylvania-avenue-should-do dept.

An anonymous reader writes "Do you really want third-party app developers on Facebook to be able to access your mobile phone number and home address? Facebook has announced that developers of Facebook apps can now gather the personal contact information from their users. Security firm Sophos describes it as 'a move that could herald a new level of danger for Facebook users' and advises users to remove their home address and phone numbers from the network immediately."

I wonder if this is a tactic to see just how much bullshit people will put up with.

With each successful push by Facebook they can re-evaluate their company upwards and until they have reached the point where such a move threatens the perceived value of the company they will push further. Once they find the point at which the value is threatened they will revert the last change and sell up.

It always is. Every time Facebook introduces something, they just do it and see where it gets them... hoping some things people won't notice or care. Zuckerberg's own emails/texts have elucidated that he thinks Facebook's users are all suckers and idiots. He has no sense of ethics... every step is just to see what kind of privacy-violating crap they can push because their entire model is predicated upon out-of-sight/out-of-mind selling of information to third parties in lieu of in your face advertising.

The tactic is "monetize, monetize, monetize!" Their advertisers demand more and more personal data. Now that FB is this defacto monopoly on all things social media, they'll keep handing it over for further profits. FB is a corporation, the sole reason for its existence is to make money. I don't know why people can't accept that. Its why I don't like to use it. I know that to FB we're datamining goldmines.

I wonder if this is a tactic to see just how much bullshit people will put up with.

By my experience, the answer to that is quite a bit.

Just recently I decided to test just how much trolling it would take to get one of my "friends" to unfriendly me. He wasn't really a friend, I added him back in the heady days of 2007 when we added everyone and their dog. Lets just call him Frank, Frank's a bit childish and petty to start off with so I thought he'd be a perfect target. Better yet he just started to use his facebook page as an amateur marketing tool for some "artists" he was "managing" (meaning local performers he kind of hung around with). So Frank is also a bit of a pillock.

Frank had already blocked me because I own an Android phone and Frank didn't like posts about the latest thing I was doing with it so I had to post under Franks posts. I began with intellectual trolling, countering his arguments with logical discussion, this normally ended up with "you don't know what you're talking about" being the height of his counter arguments but nothing else. After a while I moved onto Grammar Nazism, and the responses elevated to ad-hominem.

After about a week I elevated to obvious trolling, First Post and popular memes, most of these just got deleted. After about a week he disappeared from Facebook. He still logged on but stopped posting. Finally 2 weeks later he launched one of his bad attempts to market some band, I could of kept going with conventional trolling but instead I took the nuclear option and hit him with a two girls and one cup link. 20 minutes later I received a phone call from Frank, literally in tears asking me to stop and I simply asked him why didn't he just unfriendly me. Still sobbing he said he doesn't want his friend count to go down. I was already in the process of un-friending Frank. Frank took a lot of abuse for a tiny bit of social status, I think many Facebook users would be the same.

I've got two facebook accounts, one is my real friends (now excluding Frank and most people like Frank who I couldn't give a rats clacker about) which is a very small list. The second is an account not under my real name which has everybody added including a lot of Thai and Philippino girls (I live in OZ, it's easy to pop over to the phils for some cheap, no strings attached action, they get de-friended when they start to ask for a lot of money).

BTW, I'm not that much of a sociopath, this is not a normal experiment for me and I was just curious as to how much abuse it would take. It kind of spiralled out of control towards the end.

So far I've derived no benefit from it, but I could easily see that if I wanted to change jobs it would be very usefull.

Many of the people I've worked with on projects in the past would be more than happy to hear from me and help me get a job on their latest project, and I'd do the same. Having one spot to hold all of that info is very handy, especially when old colleagues change their email address, phone number or location.

Facebook is getting too invasive. Every website that has a "like this" button can find out some information about you. Facebook probably knows more about your online habits than Google. They WILL sell this information, too. Unlike Google, they have no other interest in collecting it than to resell it to data miners. They have a history of not respecting your privacy.

Don't put up with FB any more. Delete your account. Log in and go to this URL:

http://www.facebook.com/help/contact.php?show_form=delete_account

Clear out your facebook cookies to make sure that the deletion sticks (it will be reverted if you log in within two weeks, including via those websites that have FB widgets on them). I have done this and I am happier: I know my friends better. I have a fuller social life and I spend much less time on meta-socializing (all the things that go into organizing a social life, like FB). It is great.

If you aren't even a facebook user, you might want to add the antisocial subscription [adblockplus.org] to adblock,since those little facebook icons are just as useless as the social bookmarking buttons of yore, but more viral.

If you aren't even a facebook user, you might want to add the antisocial subscription [adblockplus.org] to adblock,
since those little facebook icons are just as useless as the social bookmarking buttons of yore, but more viral.

As a Facebook non-user, those little icons serve a valuable purpose. They help me identify which websites to never visit again.

I never set one up in the first place. Besides the huge amount of time it wastes, frankly, there's a reason I wasn't friends with people I went to school with and I have no desire to be online friends with them now.

Privacy is like virginity. It's tempting to give it away, but you never ever get it back.

Not magically but legally different: http://www.ftc.gov/opa/2005/04/dnc.shtm [slashdot.org]. It is illegal to cold call mobile numbers and Facebook should be held liable for any crimes committed by the selling of this information.

Unless you have a very, very unique name (like M. Zuckerberg, probably) your Facebook profile can't easily be linked to your appearance in a phone book. No one will know if the Billy Smith they see on Facebook living "somewhere in Oregon" is B. Smith #36 in the phone book. If they can actually get that information off your profile the game changes completely.

No one will know if the Billy Smith they see on Facebook living "somewhere in Oregon" is B. Smith #36 in the phone book. If they can actually get that information off your profile the game changes completely.

And that time will come eventually. And it will apply to all your old data as well.

Companies are data mining like crazy. I never put personal information online, but since companies are scanning in public records and then connect that information, they do have my age, my address, two of my last three residences correctly identified, and got me linked correctly to my in-laws. The income bracket they guessed from the neighborhood.

Within the next couple years some company will be able to come up with a probabilistic algorithm that links this information to your face book account. People will be able to buy a profile of you that includes your personal data, all old blog posts (analyzed for character flaws) and some old college pictures of you, some friend had on line years ago. And a few more years and picture recognition software will be able to start with known pictures and then find you on other pictures, pattern recognition will be able to determine the likely author of anonymous rants. And that all can be done on old data, that was never meant to come back 20 years later.

The rules haven't changed. Your number and address are still private and shared only with people you authorize. The only difference is that the people you authorize can now include "developers of apps" as well as "friends."

Strangely enough there used to be which is why to this day my mobile has a confidential, unlisted number.

Sometime around 1993 to 1995 I bought my first mobile. The telephone company had this weird idea of publishing a paper white pages directory of mobile numbers and as in their minds mobiles were only for business use back then wanted me to pay to be in this directory.

When I said I wasn't prepared to pay the nice lady at the phone company call centre discovered that the only way to drop me from this direct

On my new phone, I put in my facebook account for shits 'n giggles, and my phone imported my friends list and all their contact data. I now have a couple dozen phone numbers for people that I was never given directly by the owner. When that happened, I just kinda shook my head in wonder. Now with this story, I'm damn glad I've got absolutely minimal information on my facebook account.

Facebook is no longer just a website run by a couple of college kids. It is a business - a big business - and like any business their number one priority is making as much money as possible. This is especially true now that Goldman-Sachs has invested $500 million and is trying to get others to invest another Billion or so. No matter how much lip service is given to "privacy" it is no accident that their privacy settings are hard to figure out, don't really do anything and completely deleting a profile is difficult, assuming that they actually delete anything at all. This is by deliberate design because Facebook's business model demands that they must be able to sell your personal information to advertisers.

Facebook is no longer just a website run by a couple of college kids. It is a business - a big business - and like any business their number one priority is making as much money as possible.

Sadly, this is one big business that was probably creepier when it was just a website run by a couple of college kids, one of whom once said about people's Facebook data, 'People just submitted it. I don't know why. They "trust me". Dumb fucks.' At least now he has investors to sometimes keep him in check, a little bit, maybe.

Sadly, this is one big business that was probably creepier when it was just a website run by a couple of college kids, one of whom once said about people's Facebook data, 'People just submitted it. I don't know why. They "trust me". Dumb fucks.' At least now he has investors to sometimes keep him in check, a little bit, maybe.

I'd argue this story is proof that his investors aren't keeping him in check. I don't doubt the fact that he's suppose to be worth billions has done nothing in his own mind but vindicate him and boost his already inflated ego.

...delete your account! Well, at least do your best to delete as much of it as you can. As soon as I learnt years ago that you could never delete your Facebook account I knew never to sign up to that rubbish. And Facebook have vindicated my decision every step of the way ever since.

You'd be a complete nutjob to be using Facebook. I hope that Diaspora is made available to the public in some form this year, though I'm reasonably content with Twitter.

...delete your account! Well, at least do your best to delete as much of it as you can. As soon as I learnt years ago that you could never delete your Facebook account I knew never to sign up to that rubbish. And Facebook have vindicated my decision every step of the way ever since.

Actually, the best solution is to probably replace all your personal information in your account with fake information. Maybe then, at least, Facebook will think you moved. Maybe you will get even luckier and they will lose your old data in a backup failure. If you just delete your account, I am sure they know you are on to them and try to sell your info to the highest bidder!

You'd be a "nutjob" to trust any vital information to Facebook. But I submit to you that there are millions of highly educated and/or computer savvy facebook users. Classifying them all as "nutjobs" is silly. I have a facebook account. I don't post anything on my profile or anywhere else that I consider to be important. I don't post pictures of my children on Facebook (and nor does my wife).

So you post nothing of importance, only useless shit? I guess that is a useful tactic to scare other users off facebook.

I suspect that's flamebait but I'll bite. I don't post anything of importance from a security standpoint. I might post that I had fun at someone's event - I don't post about it ni avance. I might post that I'm feeling sick or tired, I don't post my doctor's report. I might post that a gadget I own is frustrating me but I don't post an inventory of what I own. I might say my child's done something amusing, but I don't post their whereabouts. I might post that something is going on in the area I live in, but I don't post street address or GPS co-ordinates or phone numbers.

In other words I'm careful. If you don't care about what my frustrations are, what amusing things my kids did etc. sure you'll consider it "useless shit". That is BY DESIGN.

Most phone support for companies only need Phone number, address and DOB for an identity confirmation and all it takes is for someone to get access to someone's credit card account for them to be able to completely steal their identity for dodgy bankloans or being able to get drivers licenses/passports.

I grew up when phone numbers were public information. Everybody had a book where you could look up the phone number and address of anyone in the area. A few people were unlisted at their own request, but this was the exception.

Phone numbers and addresses were treated as public knowledge.

When cell phones first arrived, receiving calls cost money, so cell phone numbers were kept private. Now that the cost of incoming calls is much, much lower, there's little need to keep treating these things as private, especially with people replacing land lines with cell phones.

The problem lies not with facebook making this data available; the problem lies with everyone who pretends this is secret information to begin with. Some companies consider your phone number to be a unique identifier. Other (idiotic) companies treat it as an authenticator...something nobody else knows. Mix those two and BAD SHIT HAPPENS.

SSNs are treated the same way. Some places use them for identification and others use them as a freaking password. Frequently an individual bank or credit provider will be using a SSN as both a username and password simultaneously. THAT is the heart of the problem.

Would knowing the address for the White House help you steal Obama's identity. No, because everybody knows that is public knowledge. The problem is the people who think "wow, this guy knows his own address, so he obviously must be who he claims to be, because nobody else would know that"

A phone book just has a phone number and an address. Facebook has far more information on far more people than found in any given phone book. To add to this, children and teens normally aren't in a phone book but are in Facebook. For FB to give devs access to this all in a very tidy bundle with hardly any work is pretty scary. You just need to make a trojan and anyone that accepts it not only compromises their own information, also gives away information of everyone they're "friends" with.

I grew up when phone numbers were public information. Everybody had a book where you could look up the phone number and address of anyone in the area. A few people were unlisted at their own request, but this was the exception.

Two things:1. There is more on your Facebook account than just a phone number and home address2. Most people I know list their cell phone number on Facebook. This is not public and can't be looked up in a directory.

Why stop there? Why leave your house in the first place? If you go outside, you're just -asking- for your organs to get sold on the black market. And having a computer is just begging someone to steal your identity and infect you with computer viruses.

Alright, that's a hyperbole, but my point is that a lot of people actually like facebook. Deleting information like your home address and phone number is an easy step, and then they'll still be able to use it.

Reduction to the absurd is itself absurd. By shooting any woman who gets pregnant of course we can eliminate all of society's problems, including facebook "privacy", within 100 years. But exactly how useful is that as an argument?

Because Facebook still provides a useful service with no real competitor.

I propose that non-use is a competitor.

I choose non-use over use of FB. simply not necessary at all for anyone. its like soda, it really performs NO useful function but somehow they convince people they 'need' to have soda with their meal instead of just water, for example.

FB is important only to those so self-involved. its almost 'cute' in a way, that those users think the world really revolves around them.

those of us who never joined see how silly the whole give-away concept is.

Those of us who never joined quickly see another thing too: the futility of trying to explain that to anyone who doesn't already understand it.

I suppose addicts of hard drugs have more denials and rationalizations than the merely egotistical and self-indulgent, but not by much.

The mentality can be summarized thusly: "but but but, it performs some trivial and transient convenience that's not really necessary -- clearly that outweighs every principled objection!" Sometimes there are shades of "you're

I never put information that detailed up there in the first place. Partially for this sort of reason, but also partially because not everyone on my friends list needs to know all of it (or would care if it was there). Anyone who would want to know, already does.

That one is the one I hate worst. Yes, it's a short way to say you like or hate a comment, but when you need to post a "Facebook like" to a person or company to get a warm fuzzy it's time to admit your social skills are all but gone.

I mean, really, did anybody actually expect facebook to not sell your information to the highest bidder? If you put up real information, expect it to be used. The solution: LIE like a rug! Tell them your home address is 1060 W Addison, Chicago, IL (yeah, that one's kinda lame, copying SNL is good only for laughs). Tell them your phone number is 555-1212. Whatever, be creative.

I suspect that even poisoning the database with garbage data won't stop the demand for said data because the marketing people who buy it are far to lazy to actually CHECK said data; and so long as a reasonable percentage of the data is legitimate and they make their numbers, who cares? The cost of buying the data is insignificant when compared to other costs.

You speak as though this absolves Facebook of any responsibility in the matter, when it does not. People have a reasonable expectation that they can limit who sees what they post on a social networking profile. For Facebook to decide that personal info is open by default, such as in this case, is nothing short of an appalling lack of personal responsibility on/their/ part.

You are correct in that people need to be more careful with what they put online, but companies like Facebook also have duties to respon

No app can access information you haven't authorized. For an existing app to access that, you'd have to re-authorize it.

Facebook clearly believes there is some subset of apps in which that information is useful, and has made it available. Considering no one can access it if you (as I said) haven't a) added it and b) authorized it, I fail to see an issue.

Actually I used to have my contact info in my profile because I trust my friends (actually, lately I have people I barely know that I've stupidly approved) and I thought it would probably be convenient for them to have said information, and I don't have any privacy-violating apps installed. But disgustingly, apps your friends installed can also access your information, and this is the default setting unless you go in that mysterious region known as "The Settings" and disable that option.

Troll me if you want, but, while i do find this appalling, i cant feel sympathetic to people who post up their personal, private information for their "friends" to see and then later become victims. There's no valid reason for people to put it up and just leaves them vulnerable to exploitation (see previous facebook slashdot story), especially if you're not required to post it (and if you were, use fake data). Someone wants your address? let them ask it you for it.They want to call you? let them ask you for your phone number in person. Or by private email. At the very least you'll have control over who gets it and who does not, rather than people you randomly friended over time and have no idea who they are (yes, it happens).

I've kept my profile (almost) empty for over a year now - believe me when i say you won't miss your data not being up there for the world to see...

It's the old "then they came for me" thing. Even if Facebook users are insufferable cunts, they are the cool crowd and any legislation or standard corporate policy (but I repeat myself) concerning privacy will be determined by how they react to what might hitherto have been regarded as an offensive breach of privacy.

IOW, if Facebook is allowed to continue behaving like this, people will just go, "oh you don't have any privacy anyway, get over it!" with your viewpoint being drowned out. In fact, I've heard a lot of younger people say this. (And a small subset of older guys who always end up having been involved in some way in their employment history with processing large amounts of personal data.)

This isn't a problem for me because I don't put my address or phone number on Facebook. And within 2 minutes of me reading this on Slashdot, the good lady was informed and now she has removed her phone number.

I also don't allow ANY apps. I use Facebook to keep in contact with people, not as a pass-time.

What I see as the real problem for the greater Facebook population is when, inevitably, Facebook allows advertisers (or anyone else who will pay) carte blanche access to people's profile information without t

What would make you want to give Facebook your address in the first place? I don't mind ZIP code, but nothing more specific than that.

Further, why give out your phone number? Unless you are a business, why does Facebook need it? Worst case, get a Google Voice account number and have your calls forwarded.

Even more foolish is giving out your complete birthday. I can see how it is nice to get greetings on your birthday, but it's not worth the extra info for identify fraud. Put in 1900 (or whatever they fi

I wonder if this company has a Safe Harbour agreement with the EU for clients from that jurisdiction.

I know this agreement is voluntary and not monitored until after the fact but EU citizen have contrary to their US brethren far more privacy protection.

Would these third parties misuse the gained information on EU citizen this could bring them grief, the ex-competition officer [europa.eu] has a few months ago taken on the responsibility of the digital agenda.

I was at a gathering yesterday. Met a few new people, nice guys, and I asked one of them for his phone number. I handed him my phone (with the "new contact" sheet open) to type his number, and after a few minutes I started to wonder what kind of novel he's typing in my phone. I'm kinda wary of people snooping through my contacts, so I asked him for the phone back. His response "one sec, I gotta fill in the work place".

Usually, I expect a name (not necessarily the real one, some handle to identify a person w

They can not release any personal information that you DO NOT PROVIDE to them.

I too hate this crap, but too many people do not take privacy seriously and provided the information in the past, therefore, they (companies) have no reason not to expect you to follow and give them information like you have in the past. They believe we are all sheeple!

Too many social networking sites want to lock you into bad OAuth sites, like Facebook, LinkedIn, etc. Too many people forget that as soon as they have any pi

Ya'll blame FB, but I think I'm tossing Google in the "bad guys" column for now because it was the GOOGLE phone book which, um, "raped" my FB friends' accounts without asking. (Wait for it:)

New android phone yesterday (HTC Incred., Froya build, not rooted yet), I sign in with Google which is okay (or *was*). That shit knew one of my facebooks! Asked me to log in; I didn't. I went online with laptop to Google Accounts, and it's got some "suggestions" of FB and other accounts that MAY be mine. (I'm still considering major deletion of Google incl. Gmail, plus FB; not sure what to do).

Today I use the HTC Facebook app and log in, thinking it was separate from the Android, but I guess FB can "talk to" Google apps? — and my PHONE CONTACTS list was suddenly, um, ENHANCED. Noted, some phone contacts I had addresses and other info (not birthdays, etc), but now my phone contacts are all LINKED to their facebook accounts, and I've got phone contacts I didn't have before.

Noted, I haven't had much time to investigate this, because I feel like I've RAPED my FB friends. (I'm ACTIVELY working on this w/ my most paranoid friends first.)

I never put my private stuff on FB accts, EVER, even the 'real' emergency FB acct one with only a few family members as friends — they KNOW how to contact me. And my phone number hasn't [yet?] been added to FB. But now, my Android phone book contacts include FB frends that weren't on my phone originally, and my phone contacts have more information (their FB stuff, I guess) that I didn't enter on my own.

Now maybe it is the FB app (which came with the Android phone) that allowed for this; or user error (I'm new to Android); but I'm messaging the affected FB friends that either they remove what they don't want public, or adjust the privacy settings. My BEST advice is what I read above: delete FB. I'm contacting Verizon tomorrow with some complaints about privacy; even if FB puts it out, their android phones with pre-installed apps like FB shouldn't grab it (esp not without my express approval).

Android only grabs information your friends have already made available to you. You can go any view any of those phone numbers manually on facebook.com when you're logged in. You're correct to warn friends that they are publishing a phone number, if you know they wouldn't want it published. This isn't android's fault though, it's just collecting the information your friends have made available to you on facebook.

Google 'knows' about your facebook account because you're presumably putting some information on your public profile; it looks at facebook account names, compares them to your google account name, and takes a guess at a match. It's trying to be helpful! I find adding facebook data to my phone quite handy, as there's contacts on there (with say, email addresses) that update their information when it changes, I don't have to update it manually my end. It also syncs with the calendar for birthdays, etc.

Note - it's a one way sync. Android (and google) don't put any of your google contacts into facebook. They just pull information from your logged in account to combine with your phone contacts. It doesn't copy any of it to your google contacts or phone contacts, it keeps them separate. It does auto show facebook contacts and google/phone contacts together when they have the same name. You can turn *that* off under the contacts settings, and you'll see them as entirely separate lists.

If you want to turn off the facebook integration, just goto settings/accounts and remove the facebook sync account you have there. That's what's linking your phone to facebook.

I don't know about the HTC app, but the samsung one that came with my phone uses the underlying android facebook sync. So when you logged into the facebook app, you gave it permission to well, connect to your facebook profile. Facebook do have their own official app and widget in the android market - IIRC, it does also autosync with contacts and calendar, but you can turn that off and still use the app.